Filter and redact events that the other server doesn't have permission to see during backfill

author: Erik Johnston <erik@matrix.org> 2015-07-03 17:52:57 +0100
committer: Erik Johnston <erik@matrix.org> 2015-07-03 17:52:57 +0100
commit: c3e2600c6727534d4ebf20dcd8219e248ca31461 (patch)
tree: 1e9201db12a7bde20d5bb62f8b4ca727dbd5764c /synapse/handlers
parent: Respect m.room.history_visibility in v2_alpha sync API (diff)
download: synapse-c3e2600c6727534d4ebf20dcd8219e248ca31461.tar.xz
1 files changed, 44 insertions, 0 deletions
diff --git a/synapse/handlers/federation.py b/synapse/handlers/federation.py
index b5d882fd65..663d05c633 100644
--- a/synapse/handlers/federation.py
+++ b/synapse/handlers/federation.py
@@ -31,6 +31,8 @@ from synapse.crypto.event_signing import (
 )
 from synapse.types import UserID
 
+from synapse.events.utils import prune_event
+
 from synapse.util.retryutils import NotRetryingDestination
 
 from twisted.internet import defer
@@ -222,6 +224,46 @@ class FederationHandler(BaseHandler):
                     "user_joined_room", user=user, room_id=event.room_id
                 )
 
+    @defer.inlineCallbacks
+    def _filter_events_for_server(self, server_name, room_id, events):
+        states = yield self.store.get_state_for_events(
+            room_id, [e.event_id for e in events],
+        )
+
+        events_and_states = zip(events, states)
+
+        def redact_disallowed(event_and_state):
+            event, state = event_and_state
+
+            if not state:
+                return event
+
+            history = state.get((EventTypes.RoomHistoryVisibility, ''), None)
+            if history and history.content.get("visibility", None) == "after_join":
+                for ev in state.values():
+                    if ev.type != EventTypes.Member:
+                        continue
+                    try:
+                        domain = UserID.from_string(ev.state_key).domain
+                    except:
+                        continue
+
+                    if domain != server_name:
+                        continue
+
+                    if ev.membership == Membership.JOIN:
+                        return event
+                else:
+                    return prune_event(event)
+
+            return event
+
+        res = map(redact_disallowed, events_and_states)
+
+        logger.info("_filter_events_for_server %r", res)
+
+        defer.returnValue(res)
+
     @log_function
     @defer.inlineCallbacks
     def backfill(self, dest, room_id, limit, extremities=[]):
@@ -882,6 +924,8 @@ class FederationHandler(BaseHandler):
             limit
         )
 
+        events = yield self._filter_events_for_server(origin, room_id, events)
+
         defer.returnValue(events)
 
     @defer.inlineCallbacks
author	Erik Johnston <erik@matrix.org>	2015-07-03 17:52:57 +0100
committer	Erik Johnston <erik@matrix.org>	2015-07-03 17:52:57 +0100
commit	c3e2600c6727534d4ebf20dcd8219e248ca31461 (patch)
tree	1e9201db12a7bde20d5bb62f8b4ca727dbd5764c /synapse/handlers
parent	Respect m.room.history_visibility in v2_alpha sync API (diff)
download	synapse-c3e2600c6727534d4ebf20dcd8219e248ca31461.tar.xz